Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/YwAr9qGkqMlaGniFNTa2p2_yBO0.roa
File: YwAr9qGkqMlaGniFNTa2p2_yBO0.roa (raw, json)
Hash identifier: 7FxkAHf2ZbS3zENJ7tNe9rBkqXj1R3EeYTQpBTqT1cY=
Subject key identifier: 63:00:2B:F6:A1:A4:A8:C9:5A:1A:78:85:35:36:B6:A7:6F:F2:04:ED
Certificate issuer: /CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Certificate serial: 0F64
Authority key identifier: B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/YwAr9qGkqMlaGniFNTa2p2_yBO0.roa
Signing time: Mon 10 Feb 2025 14:08:02 +0000
ROA not before: Mon 10 Feb 2025 14:08:02 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 4780
IP address blocks: 192.72.252.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3940 (0xf64)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Validity
Not Before: Feb 10 14:08:02 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=63002BF6A1A4A8C95A1A78853536B6A76FF204ED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:99:08:a5:19:2b:ee:57:4d:49:ae:85:bf:aa:
fc:d4:84:60:7f:4c:7e:d7:5d:c4:26:f4:24:22:cf:
d8:ea:94:b3:99:7d:98:7b:ef:a1:13:36:b0:1a:86:
b7:66:40:55:34:dc:2d:1e:48:d4:b8:79:8e:81:c7:
65:98:e6:05:82:ec:78:3e:ba:cb:1e:61:1b:46:59:
18:2e:fe:02:f2:51:c5:d1:11:a9:79:09:b7:e4:3d:
d0:9f:3c:77:00:f0:09:39:b3:cd:bf:9b:19:90:79:
7a:e5:cc:3a:83:0e:b0:eb:a3:f6:7c:f9:66:df:a4:
c0:e4:e5:9a:32:7c:5d:7d:ce:55:23:6e:c7:ef:4a:
87:c3:ba:a6:f4:dd:bc:b4:86:a7:99:37:5d:ec:a4:
44:ef:84:cd:e8:5e:09:56:10:1f:92:b2:72:12:10:
84:3b:da:03:1e:9f:78:7a:40:af:f6:77:08:08:d5:
b3:98:26:1e:a6:3f:fe:f7:6c:8e:5b:94:24:a4:ab:
b6:03:1f:f7:36:59:ac:c2:31:60:9f:e8:6e:41:19:
17:e4:07:4b:7c:4b:d8:c6:b6:60:fd:47:4e:06:e6:
91:7e:27:8a:9d:f9:43:a8:3d:44:f1:fa:4c:3f:0b:
58:43:52:61:a1:20:6b:7c:7b:c0:e2:0a:1b:d7:18:
4a:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:00:2B:F6:A1:A4:A8:C9:5A:1A:78:85:35:36:B6:A7:6F:F2:04:ED
X509v3 Authority Key Identifier:
keyid:B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/YwAr9qGkqMlaGniFNTa2p2_yBO0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
192.72.252.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:b9:1e:a2:be:99:d2:58:8d:e7:22:5d:cd:af:48:7a:2c:eb:
14:11:4f:4a:4b:04:8a:36:3d:16:f2:88:c2:bf:e7:03:15:43:
81:d0:92:54:f5:51:b9:5f:68:91:23:3c:4d:b5:c5:a8:e2:bb:
08:ac:9d:fd:dd:20:27:d7:37:43:57:67:f6:59:37:26:e3:7e:
3c:ae:2c:25:2b:66:89:86:99:09:5e:0d:73:b2:1c:4a:6d:48:
25:1e:18:6f:17:1d:c0:aa:07:01:fe:07:0b:0f:91:7b:1c:85:
19:23:0f:dc:b8:37:3e:47:cd:07:08:fd:fc:47:5b:60:45:bc:
2d:4f:9a:e1:e3:01:15:9f:f9:da:5a:bd:7e:38:6c:58:90:72:
c1:a6:42:3b:bf:08:49:dd:62:3a:6f:2b:eb:3c:97:87:1c:39:
7c:20:b3:ce:5f:76:8e:c9:94:29:79:26:d0:6c:c1:25:cf:6a:
af:59:21:c0:e9:8c:3a:36:ec:0b:e4:b9:66:09:94:00:77:cc:
99:45:c1:d2:20:b1:b9:4a:b0:2c:d3:d3:c3:3e:87:df:30:10:
f6:b5:75:4f:d7:cb:22:03:53:b3:75:00:ed:a9:ee:9f:97:fc:
c6:a5:83:8b:3f:12:78:55:7d:06:c3:c6:64:09:de:41:bb:a8:
7c:80:69:05
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICD2QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRB
NjVBMEVCODY2OTIxOUM0MTg1NDQyRDQ5RkM5RDZGODI1QjY2NTAeFw0yNTAyMTAx
NDA4MDJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDYzMDAyQkY2QTFBNEE4
Qzk1QTFBNzg4NTM1MzZCNkE3NkZGMjA0RUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOmQilGSvuV01JroW/qvzUhGB/TH7XXcQm9CQiz9jqlLOZfZh7
76ETNrAahrdmQFU03C0eSNS4eY6Bx2WY5gWC7Hg+usseYRtGWRgu/gLyUcXREal5
CbfkPdCfPHcA8Ak5s82/mxmQeXrlzDqDDrDro/Z8+WbfpMDk5ZoyfF19zlUjbsfv
SofDuqb03by0hqeZN13spETvhM3oXglWEB+SsnISEIQ72gMen3h6QK/2dwgI1bOY
Jh6mP/73bI5blCSkq7YDH/c2WazCMWCf6G5BGRfkB0t8S9jGtmD9R04G5pF+J4qd
+UOoPUTx+kw/C1hDUmGhIGt8e8DiChvXGErDAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUYwAr9qGkqMlaGniFNTa2p2/yBO0wHwYDVR0jBBgwFoAUtKZaDrhmkhnEGFRC
1J/J1vgltmUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy90
S1phRHJobWtobkVHRlJDMUpfSjF2Z2x0bVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L3RLWmFEcmhta2huRUdGUkMxSl9KMXZnbHRtVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvWXdBcjlxR2txTWxhR25pRk5UYTJw
Ml95Qk8wLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMBI/DAN
BgkqhkiG9w0BAQsFAAOCAQEAW7keor6Z0liN5yJdza9IeizrFBFPSksEijY9FvKI
wr/nAxVDgdCSVPVRuV9okSM8TbXFqOK7CKyd/d0gJ9c3Q1dn9lk3JuN+PK4sJStm
iYaZCV4Nc7IcSm1IJR4YbxcdwKoHAf4HCw+RexyFGSMP3Lg3PkfNBwj9/EdbYEW8
LU+a4eMBFZ/52lq9fjhsWJBywaZCO78ISd1iOm8r6zyXhxw5fCCzzl92jsmUKXkm
0GzBJc9qr1khwOmMOjbsC+S5ZgmUAHfMmUXB0iCxuUqwLNPTwz6H3zAQ9rV1T9fL
IgNTs3UA7anun5f8xqWDiz8SeFV9BsPGZAneQbuofIBpBQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 11:39:49 2025 by rpki-client